Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/fhBEWX57CWS01wKGDmOj8Z9EzYw.roa
File: fhBEWX57CWS01wKGDmOj8Z9EzYw.roa (raw, json)
Hash identifier: D+a2YNuqVyUVJSkU0irOhJ2PQ/I46A6HZqOvQn38NVY=
Subject key identifier: 7E:10:44:59:7E:7B:09:64:B4:D7:02:86:0E:63:A3:F1:9F:44:CD:8C
Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Certificate serial: 01942068613F605FD35FE461BC954C9CFCA5
Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/fhBEWX57CWS01wKGDmOj8Z9EzYw.roa
Signing time: Wed 01 Jan 2025 05:48:19 +0000
ROA not before: Wed 01 Jan 2025 05:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 91.220.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 08:13:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:61:3f:60:5f:d3:5f:e4:61:bc:95:4c:9c:fc:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d
Validity
Not Before: Jan 1 05:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e1044597e7b0964b4d702860e63a3f19f44cd8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:96:20:8e:57:f9:b0:fb:2f:af:39:a0:da:fa:
4c:34:ae:19:22:34:92:36:c1:66:e7:44:4f:b5:b3:
f2:a5:cd:5b:9e:ec:bd:a9:67:2b:99:6f:b7:f2:74:
fc:f2:36:fe:ca:1c:b7:b3:a5:85:7d:31:e3:70:15:
48:44:a4:36:d0:cf:e0:6d:3d:0f:dc:8e:79:cd:48:
fb:1a:bd:57:6a:30:ec:69:20:6d:c7:15:91:82:d8:
35:4c:ca:8a:c9:f0:27:62:12:85:1b:97:e3:68:7b:
6a:57:f8:1a:9d:e0:4b:10:17:93:7b:0a:74:4a:bb:
c6:fa:ce:7c:35:e4:3d:37:98:3e:0c:08:09:cd:59:
e8:08:51:41:05:c5:33:e5:f2:95:f8:6a:09:82:d9:
38:03:b2:59:c9:04:80:5e:40:89:b7:cf:fa:c1:e9:
98:86:93:51:81:1d:54:cb:75:64:2d:51:89:b5:8a:
ab:40:f7:7f:77:52:88:8f:2c:35:4b:e7:55:a4:16:
25:43:f0:1e:ce:27:46:01:0f:b3:e2:0e:72:56:6c:
16:df:b4:8a:27:e5:ce:a9:8e:c3:b6:c1:22:d7:3e:
66:0d:be:6d:be:b5:e4:a8:7b:30:f6:c5:d2:ee:04:
4d:02:14:f6:1c:36:7f:a0:4d:e8:e9:04:03:28:ff:
d1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:10:44:59:7E:7B:09:64:B4:D7:02:86:0E:63:A3:F1:9F:44:CD:8C
X509v3 Authority Key Identifier:
keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/fhBEWX57CWS01wKGDmOj8Z9EzYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.172.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:1b:d9:8c:b3:00:e6:e1:3d:a1:5c:eb:75:aa:e6:1e:3b:93:
e3:29:4a:db:3e:ff:12:31:d6:ec:77:57:a2:5d:d8:29:06:e9:
8e:ea:a9:51:39:9a:96:f6:74:a6:1c:a3:c6:e4:86:db:9b:cd:
4f:84:4a:ce:d9:d9:12:3b:9f:71:41:e4:29:d0:fb:f7:4c:7a:
50:94:a5:1c:72:d4:5f:4a:f2:3a:63:f2:cb:87:c3:eb:1b:19:
bc:0d:60:6b:61:40:67:77:4b:8b:0e:46:83:32:91:fb:db:93:
02:d4:35:c1:40:a4:a3:28:79:33:f4:ea:4f:d6:fe:42:cb:39:
4d:fb:e9:4b:4b:4e:0d:86:8a:c8:7d:d9:03:93:7b:0a:2b:9b:
bb:94:0e:f3:b5:08:e8:90:49:b7:e2:c1:cf:64:5b:4b:e6:93:
d9:d5:59:a1:90:4a:02:10:50:60:6f:2f:6f:ba:62:52:e6:a9:
4e:9a:b4:f0:b9:c7:2a:33:a7:4c:20:67:56:12:29:6b:41:08:
53:31:be:56:15:5b:56:36:f7:3f:ae:81:ca:b6:ee:55:8d:8e:
6f:0d:76:3f:16:75:c5:c5:9d:e7:f5:63:92:e3:9e:e4:3a:88:
79:c5:05:73:9e:f9:4d:3e:65:df:fa:28:ff:66:80:5f:d6:cc:
2c:8c:dd:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQgaGE/YF/TX+RhvJVMnPylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3
NTI0MmQwHhcNMjUwMTAxMDU0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTEwNDQ1OTdlN2IwOTY0YjRkNzAyODYwZTYzYTNmMTlmNDRjZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJYgjlf5sPsvrzmg2vpMNK4ZIjSS
NsFm50RPtbPypc1bnuy9qWcrmW+38nT88jb+yhy3s6WFfTHjcBVIRKQ20M/gbT0P
3I55zUj7Gr1XajDsaSBtxxWRgtg1TMqKyfAnYhKFG5fjaHtqV/ganeBLEBeTewp0
SrvG+s58NeQ9N5g+DAgJzVnoCFFBBcUz5fKV+GoJgtk4A7JZyQSAXkCJt8/6wemY
hpNRgR1Uy3VkLVGJtYqrQPd/d1KIjyw1S+dVpBYlQ/AezidGAQ+z4g5yVmwW37SK
J+XOqY7DtsEi1z5mDb5tvrXkqHsw9sXS7gRNAhT2HDZ/oE3o6QQDKP/RlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH4QRFl+ewlktNcChg5jo/GfRM2MMB8GA1UdIwQY
MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt
NWE5MDVhZjUwN2MzLzEvZmhCRVdYNTdDV1MwMXdLR0RtT2o4WjlFell3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz
LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ysMA0G
CSqGSIb3DQEBCwUAA4IBAQCNG9mMswDm4T2hXOt1quYeO5PjKUrbPv8SMdbsd1ei
XdgpBumO6qlROZqW9nSmHKPG5Ibbm81PhErO2dkSO59xQeQp0Pv3THpQlKUcctRf
SvI6Y/LLh8PrGxm8DWBrYUBnd0uLDkaDMpH725MC1DXBQKSjKHkz9OpP1v5CyzlN
++lLS04NhorIfdkDk3sKK5u7lA7ztQjokEm34sHPZFtL5pPZ1VmhkEoCEFBgby9v
umJS5qlOmrTwuccqM6dMIGdWEilrQQhTMb5WFVtWNvc/roHKtu5VjY5vDXY/FnXF
xZ3n9WOS457kOoh5xQVznvlNPmXf+ij/ZoBf1swsjN0s
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:39:09 2025 by rpki-client